
Most companies that need sophisticated manipulation of network traffic rely on firewall devices capable of layer 7 protocol analysis. However, with the ease of deploying web applications into the cloud, you may find yourself managing a web server that is not sitting behind a firewall and is exposed for hackers to play with. Most modern web services allow access to be controlled via configuration (e.g. .htaccess for Apache), but suppose you want to prevent certain packets from hitting your web service in the first place. That is where iptables comes in.

I advise caution when using this, and you’ll need to use sudo or run as root to try what I am describing below.

If you want to see what rules are currently in place, you can run iptables with the -L parameter:

iptables -vL

Suppose you want to drop all incoming packets on port 80 containing the string ‘sex’, here is what you can do:
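One way to build such a rule with the iptables string match, shown as an added example that is not the original post's command. The function names and the APPLY variable are assumptions of this example; it validates the inputs, prints the command for review, and only touches the firewall when APPLY=1.

```shell
#!/bin/sh
# Added example (not from the original post). Function names and the APPLY
# variable are assumptions of this example.

# Validate PORT and PATTERN, then print the iptables command that drops inbound
# TCP packets to PORT whose payload contains PATTERN.
string_drop_cmd() {
    port=$1 pattern=$2
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    # The string match accepts patterns of 1 to 128 bytes.
    len=$(( $(printf %s "$pattern" | wc -c) ))
    if [ "$len" -lt 1 ] || [ "$len" -gt 128 ]; then
        echo "pattern must be 1-128 bytes" >&2; return 1
    fi
    # Reject single quotes so the printed command can be pasted as-is.
    case $pattern in
        *"'"*) echo "pattern contains a single quote" >&2; return 1 ;;
    esac
    # --algo is mandatory (bm = Boyer-Moore, kmp = Knuth-Morris-Pratt).
    # The match is case-sensitive unless --icase is added, and it sees each
    # packet separately: TLS traffic or a string split across two segments
    # will not match.
    printf "iptables -A INPUT -p tcp --dport %s -m string --string '%s' --algo bm -j DROP\n" \
        "$port" "$pattern"
}

# Dry run by default; with APPLY=1 (as root) append the rule unless an
# identical one already exists (-C checks for it).
apply_string_drop() {
    string_drop_cmd "$1" "$2" || return 1
    [ "${APPLY:-0}" = 1 ] || return 0
    set -- INPUT -p tcp --dport "$1" -m string --string "$2" --algo bm -j DROP
    iptables -C "$@" 2>/dev/null || iptables -A "$@"
}
```

Source the file and call `apply_string_drop 80 sex` to print the rule; run it with APPLY=1 as root to install it, then confirm with `iptables -vL` and watch the packet counters on the new rule.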